| CPUG | |
| The Check Point User Group | |
| A Resource For The Check Point Community. Fast. Useful. Independent. | |
| |||
| All- First, let me begin by saying this site has been a fantastic resource... There is a wealth of info available here! This is my first post so please bear with me if this has been answered before... I was unable to find any info in my searches. For some background, I am just starting to take over most firewall duties for our company. We currently have about 35 distributed sites in total using Traditional mode VPN configuration. Some sites are utilizing Windows-based Checkpoint boxes and some are using Nokia-based appliances. We are trying to figure out what our options are for performing network monitoring on our Nokia-based platforms, preferably using open-source applications. We are currently using ntop on our Windows machines, which is exactly what we need. Is there anything comparable for the Nokia-based devices? Do they support sFlow/NetFlow so I could pass the data to another ntop server? Thanks again, eyunghans Last edited by eyunghans; 2006-03-29 at 15:03. |
| |||
| What version are you running? You can try this almost free product: FW Logging. By the way, what is wrong with Eventia Reporter and SmartView Monitor? |
| |||
| Thanks for the quick replies sergev and kva.kva... I'm the slow one to reply to this! :) sergev- It looks like both Advent's Firewall Analyzer as well as Eventia Reporter require a connection directly to the management station... while that isn't an issue, the flood of traffic coming into the management station is. If we have 40 firewalls externally deployed (they link our offices around the world), about 1600 total users (with a lot more actual computers), and all of them are sending usage data/stats back to our main management station, I could only imagine the traffic generated just by the firewalls could be excessive. To boot, our management station is sitting in our home office, which has the most network usage statistically speaking. Is there a way to have a localized station somewhere behind each firewall to collect all of the logs instead of having it go all the way back to our main management station, thus plugging up the pipe? It seems like both of these products are exactly what we need, we are just really concerned about the amount of bandwidth these transferred logs are going to generate on a daily basis incoming to that management station... kva.kva, We are currently using mrtg to graph our bandwidth, but sadly it won't tell us which user is using a BitTorrent client to download the latest Linux iso and sucking up a full T1... :) Thanks again, eyunghans Last edited by eyunghans; 2006-04-03 at 17:22. |
| |||
| If I'm not wrong, it is possible to set Log Servers on each remote firewall. All the logging will be done locally. During off-peak hours the logs will be transferred to the Reporting station (in the center location). SmartView Monitor does not require a big pipe (AFAIK) for real-time monitoring. Eventia Reporter Express reports also do not require any raw log transfers. All the statistics are collected and analyzed on the enforcement point. You only need to tune "SmartView Monitor" settings under remote firewall global properties (and have the appropriate license). |